Mutillidae is a great open source project you can use to teach yourself webapp security. It is maintained by @webpwnized and is great for learning how to secure webapps, so check it out.
Another quick video showing how SQL Injection can be used to bypass a login page. This is a very basic example, but it clearly shows that if you aren't filtering input your site is at risk.
Here we use a simple SQL statement:
' OR 1=1 -- 
This bypasses the login authentication control.
The ' at the start breaks out of the intended statement, which should run when you click the login button, and then the SQL condition OR 1=1 runs (this always equals true). For example, a simplified login statement would be:
"IF Username & Password = true, Login = yes."
(This is not a real statement; it is written here in simplified form to make it easier to understand.)
Our injection statement equals true, so even though we have not supplied a valid username and password, the whole statement still equals true and we get logged in! The -- at the end simply comments out any code which comes after our injection, which allows our statement to run without any extra code running afterwards.
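To see why the fix belongs in the query rather than in the input, here is an added example (not code from Mutillidae or the video) that runs the same login check twice against an in-memory SQLite database: once built by string concatenation and once with bound parameters. The table layout, function names and sample accounts are assumptions made for the demonstration.

```python
import sqlite3

def make_db():
    """Build an in-memory accounts table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    # Plain-text passwords only to keep the demo short; real apps store hashes.
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("admin", "s3cret-admin"), ("alice", "wonderland")])
    return db

def build_vulnerable_query(username, password):
    # Input is pasted into the SQL text, so a quote inside it ends the
    # string literal and everything after it is parsed as SQL.
    return ("SELECT username FROM accounts WHERE username = '" + username +
            "' AND password = '" + password + "'")

def login_vulnerable(db, username, password):
    row = db.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    # Placeholders bind the input as data; it never becomes SQL text.
    row = db.execute(
        "SELECT username FROM accounts WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    payload = "' OR 1=1 -- "  # the statement from this post
    print("query sent :", build_vulnerable_query(payload, ""))
    print("vulnerable :", login_vulnerable(db, payload, ""))
    print("bound      :", login_parameterized(db, payload, ""))
    print("real login :", login_parameterized(db, "alice", "wonderland"))
```

The printed query shows the password check sitting after the --, which is why the concatenated version returns an account while the parameterized version returns nothing for the same input.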
